cvs commit: ports/Mk bsd.port.mk
Simon L. Nielsen
simon at FreeBSD.org
Sun Mar 11 21:30:50 UTC 2012
simon 2012-03-11 21:30:49 UTC
FreeBSD ports repository
Modified files:
Mk bsd.port.mk
Log:
Make bsd.port.mk not parse port audit's auditfile directly to
check for vulnerabilities, but call portaudit instead.
This fixes a remote command execution vulnerability for users who have
portaudit installed.
While changing the code anyway, remove the annoying and very verbose
"Vulnerability check disabled, database not found" warning.
Security: Remote code execution
Security: http://vuxml.FreeBSD.org/6d329b64-6bbb-11e1-9166-001e4f0fb9b1.html
Approved by: portmgr
Feature safe: yes (or at least approved)
With hat: so
Revision Changes Path
1.707 +6 -15 ports/Mk/bsd.port.mk
More information about the cvs-all
mailing list